Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Lowest
-
Resolution: Won't Fix
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Security Level: Public
-
Labels:None
-
Environment:Groupware Core v11.0.2.51 and before
Description
An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired.
https://www.cve.org/CVERecord?id=CVE-2022-26562
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016973